Re: Analysis/decompilation of main() of the msblast worm
2003-08-14 Helmut Hauser (helmut hauser intraplan de)
In-Reply-To: <001a01c362a4$d523d600$b100a8c0@penetrator>
Sorry Dennis but the regards must go to E-Eye Security: http://www.eeye.com/html/Research/Advisories/Blaster_Analysis.txt (Done on August 12, 2003) btw very nice Disasm :) There is another RPC Leak which is not fixed by the Microsoft P

Re: Buffer overflow prevention
2003-08-14 Stephen Clowater (steve stevesworld hopto org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On August 14, 2003 06:44 am, Mariusz Woloszyn wrote:
> On Wed, 13 Aug 2003, Patrick Dolan wrote:
> > There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will
> > implement ProPolice stack

Recoding msblast.exe in C from disassembly
2003-08-14 Rolf Rolles (rolf rolles ncf edu)
DISCLAIMER: Do not fix the poor syntax in my C code and compile it. If you do something stupid with this, that's your problem, and I'm not responsible. The way I figure it, if you go out of your way to fix this to get it to compile, then you've modified the code, it's not my work any

PointGuard: It's not the Size of the Buffer, it's the Address of the Pointer
2003-08-13 Crispin Cowan (crispin immunix com)
This seems topical to today's discussion of buffer overflow defenses: "PointGuard: Protecting Pointers From Buffer Overflow Vulnerabilities". Crispin Cowan, Steve Beattie, John Johansen and Perry Wagle. To appear at the 12th USENIX Security Symposium <http://www.usenix.org/events/s

RE: Buffer overflow prevention
2003-08-13 Lance James (lance james bakbone com) (2 replies)
Is that in universal gcc, or OpenBSD only? Lance James
-----Original Message-----
From: Patrick Dolan [mailto:dolan (at) cc.admin.unt (dot) edu]
Sent: Wednesday, August 13, 2003 10:20 AM
To: Eygene A. Ryabinkin
Subject: Re: Buffer overflow prevention
There is a flag for the Gnu C/C++ compilers, -fstack-pro

Re: [Full-Disclosure] Microsoft MCWNDX.OCX ActiveX buffer overflow
2003-08-13 jelmer (jkuperus planet nl)
that's why they set kill bits
----- Original Message -----
From: "Thor Larholm" <thor (at) pivx (dot) com>
To: "Tri Huynh" <trihuynh (at) zeeup (dot) com>; <bugtraq (at) securityfocus (dot) com>
Cc: <full-disclosure (at) lists.netsys (dot) com>
Sent: Wednesday, August 13, 2003 8:21 PM
Subject: Re: [Full-Disclosure] Microsoft MCWNDX.OCX Activ

IRM 006: The configuration of Microsoft URLScan can be enumerated when implemented in conjunction with RSA SecurID
2003-08-14 IRM Advisories (advisories irmplc com)
IRM Security Advisory No. 006 The configuration of Microsoft URLScan can be enumerated when implemented in conjunction with RSA SecurID Vulnerability Type / Importance: Information Leakage / High Problem discovered: July

Ecartis 1.0 multiple vulnerabilities
2003-08-14 Timo Sirainen (tss iki fi)
Ecartis is a modular mailing list manager, previously called Listar. I reported these in Ecartis' bug database sometime in May. Remembered it again in June and sent a reminder mail to ecartis-dev list. Remembered it again today and looks like nothing is still done. Just so it won't get completely

Analysis/decompilation of main() of the msblast worm
2003-08-14 Dennis (Dennis backtrace de) (1 replies)

Virginity Security Advisory 2003-001 : Hola CMS - Admin Password Disclosure by Include vulnerability
2003-08-13 Virginity Security (advisory konfiweb de)

RE: [Full-Disclosure] Microsoft MCWNDX.OCX ActiveX buffer overflow
2003-08-13 Jason Coombs (jasonc science org) (1 replies)
What about pointing the OBJECT tag codebase to a known, or probable, location on the victim's own hard drive? ActiveX never implemented any type of "same origin policy" the way JavaScript does, so a local codebase reference should work as a technique to silently activate any Microsoft-signed Active

RE: [Full-Disclosure] Microsoft MCWNDX.OCX ActiveX buffer overflow
2003-08-13 Drew Copley (dcopley eeye com)

CERT Advisory CA-2003-21 GNU Project FTP Server Compromise
2003-08-13 CERT Advisory (cert-advisory cert org)

PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4
2003-08-13 Vincenzo 'puccio' Ciaglia (puccio pucciolab org)

DameWare Mini-RC Shatter
2003-08-13 ash felinemenace org
Program: DameWare Mini Remote Control Server Version: Prior to 3.71.0.0 Impact: Users can escalate to SYSTEM Discovered: ash Writeup and exploits: ash 1) Background From DameWare Development web site: A lightweight remote control intended primarily for administrators and help desks for qu

BBCode XSS in XOOPS CMS
2003-08-13 Frog Man (leseulfrog hotmail com) (1 replies)
Information : Language : PHP Bugged Versions : 1.3.x and less (+ 2.0.x and less ? not checked) Safe Version : 2.0.3 Website : http://www.xoops.org Problem : BBcode XSS PHP Code/Location : This hole can be used in modules : - Private Messages - News - NewBB (forum

netris[v0.5]: client/server remote buffer overflow exploit.
2003-08-13 Vade 79 (v9 fakehalo deadpig org)
> Also, you can use chpax, and turn on a non-executable stack, and with a small
> amount of voodoo (in tracking down the binaries and .so's that need the stack,
> which typically is only a single binary or .so file, which you can find with
> ptrace, strace,